Skip to main content
12:00 pm
215 of the patriot act allowing the bulk collection of metadata about telephone calls. the president has ordered a transition that will end this bulk collection in a manner that maintains the tools intelligence agencies needed for national security. we are committed to following this mandate. the intelligence community believes that the new framework in the u.s.a. freedom act deserves the capability intelligence community needs without the government holding this metadata in bulk. the u.s.a. freedom act would prohibit all vocal collection of record pursuant to section 215, the pen register or trap and trace provision of fisa and national security legislation statute going forward. let me repeat that. the intelligence community understands and will add it to the bill's proposition on all vocal collection under these authorities. moreover, usa freedom act makes other important changes by
12:01 pm
further ensuring that individuals privacy isn't properly protected without sacrificing operational effectiveness. to that end, we support the usa freedom act as an effective means of addressing the concerns that have been raised about the impact of our activities while preserving the authorities we need for national security. we are urge this committee to give the house bill serious consideration as expeditiously as possible, consistent with this committee's elaborations. we are ready to work with the senate to clarify language in the bill as necessary. in closing, we appreciate the committee's leadership, in particular your support over the past year in considering issues related to our intelligence collection activities and privacy and civil liberties issues. we also appreciate your support for the men and women working throughout the intelligence community that includes the nsa, that remained dedicated to keeping our nation safe and protecting our privacy, and to have upheld the oath by conducting themselves in
12:02 pm
accordance with our nation's laws. we look forward to answering your questions. >> thank you very much, ms. o'sullivan, and we will know procedure questions. i have two, and the question i have is this. would you support a modified definition that change is what's called specific selection terms, and instead call it a specific identifier, and defines it more specifically by adding that it's meant to be a discrete term used by the government to narrowly paper the scope of information? >> madam chairwoman, i think that we think the definition that's in the bill works, but as ms. o'sullivan said, we are more than happy to work with the committee if you feel there is a better language. we are more than happy to work with the committee to try and
12:03 pm
put out language that really a compass is what i think we all understand needs to be done. we are trying to end a bulk collection but we're trying to allow enough possibility to get in times the font of records that may be important to do these investigations but still keeping them focused there so we are happy with a language that is there and were happy to work with you on additional language if speed is all i'm asking is that you take a look at it spent more than happy to do so. >> thank you. an fcc rule, section 42.6 at 47 cfr requires a companies that quote offer or build tall telephone service to retain billing information and telephone cold calls, toll calls, or at least 18 months. here's the question. does this will require telephone companies to retain the information that the government needs for a sufficient period of
12:04 pm
time? as you know in this bill before us, there is no time for retention of records. >> i will refer to mr. legit or mr. giuliano also believe that this does provide a sufficient period of time for us and at the forefront of the records, there is a provision in the bill that allows us and the court to order a technical assistance from the companies to make sure that the records are in the kind of form and format that will be useful to us. >> mr. like it? >> we believe 18 month retention period would be sufficient if the companies were to change their practices we would advise the committee spent so you're saying you are confident that the companies will retain the call records for 18 months? >> we actually can't say that. we dashed and they will retain the records for as long as their
12:05 pm
business requirements dictate, and they can change their business models and change they need for there. we will advise the committee if and when that happens is that affects our ability to conduct our intelligence mission. >> okay, thank you. mr. vice chairman. >> thanks, madam chair. mr. kohl come in your opinion is nsa section 215 both telephone and metadata collection program conducted in accord with our constitution of the loss of the united states? >> yes, mr. vice chairman, it is. ms. o'sullivan, but i get your answer to the same question? >> yes, it is. >> do you agree with me that nsa bulk telephone and metadata collection system has been one of the most heavily overseen programs in the intelligence community? >> yes, mr. vice chairman, i do. >> mr. giuliano, the bill, this bill would extend the sunset for both lone wolf and roving out to
12:06 pm
december 31, 2017. seems to me that these two provisions are pretty noncontroversial at this point. the only reason we cannot extend these the sunset was because of the concerns about the 215 bulk data collection program which this bill is going to eliminate. have there been any abuses of the roving or mobile provisions, to your knowledge? >> no, sir come there hasn't. >> would you be in favor of making them a permanent? >> yes. >> mr. cole, do you agree with that? >> i think that would be appropriate, senator. >> mr. leggett? >> yes, sir. >> ms. o'sullivan? >> yes, sir. >> the nsa has been subjected to a lot of unwarranted abuse since snowden's treasonous disclosures. i want to publicly take you and all the patriotic americans who serve our nation by quietly performing in essays vital
12:07 pm
mission. in your opinion, is this country safer or less safe after those damaging disclosures? >> versed, thank you for the words of support. for the nsa workforce. we appreciate that. in my opinion, the country is less safe because of the disclosure of the methods that we used to conduct our authorized foreign intelligence mission. >> it doesn't appear to be -- there doesn't appear to be any requirements in the bill for service providers to retain call detail records for any set period of time as you just discussed with the chairman. mr. ledgett come if service providers decide to scale back their data retention period, how would that impact msas mission? >> mr. vice chairman, that would make it, make the information less useful for providing intelligence on the external threats with a u.s. annexes, and so we come back and informed the
12:08 pm
committee if that became the case. >> mr. giuliano, how would the fbi be affected if the service providers unilaterally decide to cut back their retention period? >> i think it would affect both the richness of the date and the usefulness of the data. >> would you make other investigative techniques like grandeur subpoenas and national security letters less effective? >> i'm not sure it would make them less effective, but if the date is less rich and there's less data to use, it would impact the value of the data. >> now, i'm in favor of providing a statutory basis for the fisa court to use their inherent judicial authority to appoint amicus curé when the courts determined that it would be appropriate. and in other we made a provision for that.
12:09 pm
section 41 requires the court to appoint an amicus to assist the court in situations involving and i quote novel are significant interpretations of the law unless the court issues a written finding that such appointment is not appropriate. this seems like an unconstitutional infringement upon the judicial branch's power to interpret laws of the united states. we routinely trust our courts and judges to make these sorts of interpretations in ex parte situations in the criminal context. mr. cole come to think it's a good idea to try to impose this requirement on fisa court? >> well, mr. vice chairman, i think is a practical matter the courts will be appointing amicus when is a significant and a novel issue that comes before them. i think that will happen in the due course. this doesn't require them in all instances q. it just says it for some reason they decide if they don't want one they just have to put the reasons in writing. my expectation is that when it is significant and novel the
12:10 pm
courts generally will want to have another point of view and have an amicus coming. citing the operation of it would be virtually the same as if it was just the inherent power. >> so what if you run into a judge who just in every case decided they are going to make a determination that we don't need an amicus brief? do you think it's going to be incumbent upon the doj to review those decisions that judge makes? >> now i don't think there's a mechanism that requires the justice department to oversee how the court is imploring at this distant employ this. is still in the discretion of the court to appoint an amicus. it's just that when you have one that is significant or novel and they don't, they need to ameris data reasons if they don't appoint one, why. >> thanks madam chair. >> thank you, mr. vice chairman. senator udall? i will just read the list,
12:11 pm
udall, king, wyden, mikulski, rockefeller, coach, collins, heinrich, rish and levens. >> thank you, madam chair. let me begin by asking unanimous consent to edit the record a letter published by the reform government surveillance coalition. >> without objection, thank you. >> madam chairman, the reform government surveillance coalition is made up of leading american companies, aol, lincoln, dropbox, twitter, facebook, google and yahoo!. i think the important sense in their letter is in the next few weeks the senate has the opportunity demonstrate leadership and passive version of usa freedom act that would help restore the conference of the users here around the world by keeping citizens safe. they going to express her concerns with the house bill and urges us in the senate to make some significant changes to the house bill. in that spirit i want to make an initial set of comments and
12:12 pm
then, of course, i've questioned for the panel. on january 17, the president ordered a transition away from the bulk collection phone records. i sure this goal of the president and i applauded his intention at the time. he also stated that it quote is not enough for you to say trust us, for history is given examples when that trust has been breached. our system of government depends on the law to constrain those in power, and is quoted. i agree that we must depend on the law to constrain potential future abuses of government surveillance, but i believe the house passed bill, the topic of ordering today, falls short of this goal and is not the true reform i demanded and many other americans have for years. in addition to my concerned that the house passed bill omits, the section 215 language in the house passed bill and describe the specific selection term used to secretly collect records is vague enough to still allow the collection of mass information. i believe it is not this
12:13 pm
administration's content to interpret the language so broadly, by the nsa has shown time and time again it will seize on any wiggle room in the law and there's plenty of that in this bill. so mr. cole, let me ask you, even if it is not the intent of this administration or even of this congress, what would stop the fisa court from interpreting the specific selection term very probably should the government asked it to do so? >> i think a lot of what would prohibit that is the legislative history, the statements of intent, that we are creating here today by making clear and a bag -- i'm the biggest statement that isn't intended to stop bulk collection and that what we are focusing on is some focused, tailored inquiries that will depend on the facts and circumstances and it's impossible to predict all of them ahead of time. but to make sure that we do have a focused inquiries and focused
quote quote
12:14 pm
collection of information for our investigations. so i think a lot of that is going to come from both the language of the statute, and if there are improvements that people want to suggest we are happy to work with them on them that we think the language does it by using terms like specific and identifies and thinks of that nature to make it not the indiscriminate bulk collection that have been going on before. i think also just the reports that have come out of the house, the statements that are being made both by you senators in the course of your comments and by the witnesses that come before you as making up the legislative history. those which constrain it. i think in addition if there were an interpretation by the fisa court that it is very broad, that would be a novel and significant ordered and opinion and would be given to the united states congress, given to the senate, and the senate would have an opportunity to pass additional legislation to rein it back in. but i would be very, very surprised to see it go in that
12:15 pm
direction based on the language that's you and the legislative history. >> we do have a moment in time where we have to get this right, and with all due respect i don't remember the fisa court showing a great deal of restraint in the past but i want to move to my next question if i could. the current court approved or for section 215 bulk collection expires on june 20, not a long time from now. in essence of agreement on a surveillance reform bill in the next two weeks i is in the administration will ask the fisa court for another 90 day extension. that's disappointed i believe the administration has the tools it needs to keep americans safe while also protecting our constitutional privacy rights. mr. cole, back to you again. has the administration look at what can be done to utilize existing authorities such as regular fisa orders and national security letters, if only on an interim basis to into bulk collection now? doesn't make sense for the administration to proactively pursue options today in bulk
12:16 pm
collection even as congress does its work? >> no final decision has been made on the renewal, but to answer the specific question, senator, you don't get all othef the features under the existing authorities that you have under the current fisa court or that exists or under h.r. 3361. you don't get the to box. you get the prospective production of records that can come. you don't get the time treated as given by the statute, the 180 days to try to transition into the new type of system and formatting the phone companies and providers will have to do. so there's a number of features that we don't have today and wouldn't have today without the current fisa order. as the president has said on the 17th of january, this is important information that we think we have found a way to collect that kind of information we need to substitute it without
12:17 pm
bulk collection. but without the structure we have and 3361 we don't have that tool. >> my sense, if i could be a bit contrarian, is that the fisa court is expensively interpreted the patriot act to allow the collection of millions of americans phone records. if you came to them with a more narrowly drawn interpretation of the law as it now exists without requiring congressional office action, they would positively respond. have you made any such request or engaged with the court on those questions of? >> we have, to my knowledge, not engaged with the court on those questions. we have a judicially tried and tested method here, as the chairman had pointed out, 37 times the court has approved this. other courts have approved this as well. we are a little reluctant to start going into some other type of legal regimen that is not contested, that has not been approved by the courts.
12:18 pm
we would rather go the legislative route where the united states congress and both houses have looked at it, have deliberated and have decided to pass it. so we think that our choices at this point really come down to what has been approved by the courts over a number of years, the new legislation, or else not having the tools we need at all. >> madam chair, my time has expired. as you can imagine i have another hour's worth of questions. i will extend a number of them to you all for the record. >> thank you, senator. >> thank you very much, senator udall. senator king is next but he has very graciously agreed to permit senator coats who has to catch a plane to make a statement. so senator, you are on. >> i thank my colleague and i hope i can return the favor. sometime come in the interest of not taking up time i will simply make a statement for the record. i have a number of questions which we can present as we go through this.
12:19 pm
i was taken by the words of the vice-chairman who said fixing what is not broken. we have to be very, very careful. unfortunately, in my opinion there's been significant misrepresentation that the current program regarding privacy concerns and regarding suggesting a lack of sufficient oversight by the three branches of government, which unfortunately has put us in a position where i'm afraid we may have overreached in terms of what we're trying to do here. i take a backseat to no one regarding our constitutional rights on personal privacy that are guaranteed to us. nevertheless, i think we must carefully review and analyze consequences of any proposed changes to ensure that we do not compromise our ability to detect and thwart threats against american citizens. we should not play to the siren
12:20 pm
song of the political response simply to please people that we are responding to their misperceptions in many cases. because there's too much at stake, and namely security in america. compromising to please a skeptical and legally misinformed the public and, therefore, losing our ability to protect americans is something that we have to take very seriously. so i think as we go forward we have to carefully weigh and consider the response of general alexander to my question to him in a public hearing when i asked him about the question of diminishing our capabilities to detect and thwart an attack. and his answer was, americans will die. so i hope as we go forward we keep that in mind as we examined how we are reconstructing this program, and make sure that we're doing everything we can to keep americans from dying
12:21 pm
unnecessarily. madam chairman, thank yo thank y much spin and i think you, senator coats. appreciate it. senator king. >> thank you, madam chair. i was asked recently in maine with the intelligence committee does, and after thinking about it for a minute, i said our principal job is to way to provisions of the constitution. one is the preamble, which invest us with the response of the protecting, providing for the common defense and ensuring domestic tranquility and the other is the fourth amendment to see that peoples persons, property and a facts are secure from unreadable searches and seizures. were possibly trying to find that right balance and that's exactly what this hearing is about today. i have expressed from the very beginning of my service on this committee reservations about the government holding the bulk of data. it always struck me as an invitation to abuse. i believe strongly that we have to have institutional checks rather than reliance upon the
12:22 pm
goodwill and good natured and good faith of individuals who are entrusted with that kind of information. i'm a great believer in the lord acton's famous admonition call to all power corrupts and absolute power corrupts absolutely. so i think this provision that the president recommended, the house has adopted, is moving very definitely in the right direction but a couple of specific questions. it seems to me that something has to be added to this bill with a timeframe for the retention of records. the question has been asked several times what if they changed it? we would go to fisa, come back to the congress. let's do it now. let's decide what the right number is. 18 months is what the fcc requires i understand, but under our prior consideration we are talking about three to five years and i would like your recommendation, as to what the right number should be. i would be more comfortable with
12:23 pm
a number and with the longer-term than 18 months. >> senator, i think from our point of view we can live with the 18 months retention period that the sec imposes from a regulatory point of view, and that they need in the curve in terms of the effectiveness is right about there. >> eighteen months do you feel is sufficient but should not that be put in the statute? because the house bill as i understand it has no figure in it, is that correct? >> yes, sir, that's correct. that would address the issue of the potential action on the part of the telecommunication companies, but as i said earlier, it's not part of the statute will come back to the committee. >> well, let's do it while we have the chance, would be my response to that.
12:24 pm
are you going to be, is there going to be a requirement or is there one in the bill that the telecommunication companies normalize the records in some way that are useful and able to be searched in a consistent and standardized way? i notice you are nodding. in getting an affirmative on that? >> yesyes, there is. it's not a direct requirement that is the ability for the court as part of the order to instruct the telecommunication companies to work with the government to make those records, do technical assistance is what we call it, to put the records in a format that will be usable which usually is in some and electronic format. >> there was some discussion we talked about this in committee a year and a half ago about delays, possible delays. are you comfortable that this transition from government held a data to privately held data will not delay, if we have a bombing, god forbid, at the boston marathon, are we going to build a get out the information
12:25 pm
in a matter of minutes, or is there going to be some further delay because of this change? >> i think that because of this change, i'm not sure that would be a further delay. we certainly have under the bill emergency powers to try and go to the provided without even going to the court when it's truly an emergency with the authority of the attorney general. so we have that ability that will not delete anything. the attorney general then has to file a request within seven days. we also i believe will have the cooperation of the providers that in a true emergency they will help us go through this. i think the data generally is there and is quite accessible and quite usable in the formats that they're keeping it. this is kind of a modern epics i think from all those perspectives i would imagine if there's any delay it will be minimal. >> final question, cost. have there been estimates or proposals from the telecommunications companies what, if any, costs will be incurred by the government in order for them to maintain these
12:26 pm
doctors and maintain the availability standardized format and those kind of things? >> senator, it's a little early to get cost estimate at this point. once the law is passed, assuming it is, we need to work with the individual providers, and each one of them have a different architecture. they are architecture and our ability and need to interface with that is going to drive those cost figures. >> i realized this might be a strange thing coming from one of us, but it would be nice to know the cost before we passed the law. and, of course, the interesting number would be a net cost because i presume there are savings to the government to not have to maintain a massive data server farm to maintain this data, but i would urge you, i think we need at least some kind of ballpark estimate before we move forward with this legislation just did not have a bad surprise at the end. thank you very much. if you can submit that for the record. >> thank you, senator kean. senator wyden.
quote quote
12:27 pm
>> thank you, madam chair. madam chairman, let me commend you for holding an open hearing today. i think it's very instructive and i appreciate all our witnesses being here. let me start by talking about the fact that the house bill does not ban searches for americans e-mail, and here particularly i want to get into this with you, mr. logic, if i might. we are talking of course about backdoor search loop holes, section 702 of the fisa statute. this allows an essay in effect to look through this giant pile of to mutations that are collected under 702 and to literally conduct warrantless searches for the conditions of individual americans. this loophole was closed during the bush administration but it was reopened in 2011, and if you want to go the director of national intelligence acknowledged in a letter to me that the searches are ongoing today. i am particularly concerned about it because as global
12:28 pm
communications get increasingly interconnected, this loophole is going to grow and grow and grow as a threat to the privacy of law-abiding americans. so for purposes of getting on top of this and working with all of you, my question today is how many of these warrantless searches for americans to mutations have been conducted under section 702? for you, mr. lodgett. >> thank you, senator wyden. the searches under the provisions of fisa in section 702 are only conducted unlawfully acquire data and under foreign intelligence surveillance court approved procedures. the searches are not just conducted by nsa. they involve other agencies as well. we have provided a to detailed information to the committee on
12:29 pm
the background on this, and we will work with the dni and the rest of the nic to provide additional information spent when like an answer to the question. it's a very specific question. the director admitted to me in a letter that befor these were but searches are taking place and going to next and see how many of them? will i get a letter telling me how many of them have taken place? i would like to within two weeks because it is obviously relevant to making this part of the senate bill because it would be submitted in the house. can we have it within two weeks? >> we will work on that, sir. we will get you a response within two weeks. >> thank you. making some progress. now, the only other question i have for today is, at this moment your agencies continue to vacuum up the phone records of millions of law-abiding
12:30 pm
americans. and this is because the executive branch has not taken any action to stop these practices. i and others consider this enormously intrusive, and the inflated claims about its value has crumbled under scrutiny. .. now the constitutional rights of americans are needlessly being violated while, in effect, i guess the administration waits for the congress to act. i think this is a case of bureaucratic inertia at its worst. you,he question for all of and maybe we start with you, mr. cole, would be that given that the government could use regular pfizer orders and national security --fisa orders and national security records to obtain the phone records of terrorist and their associates, which i support, why has the bulk record
12:31 pm
why hasn't the ball collection of american's phone records then ended? >> this is the same question the senator udall asked which is the authorities that we have under national security letters and other authorities absent the 215 orders we have talked about don't really give us the tools that we need. the legislation h.r. 3361 gives us those including the two hops. he gives us the perspective collection. it gives us a wider range of information that we wouldn't have under normal authorities. we only get a single entity a phone number and what it's been in contact with. you then have to go back and use separate items for each additional terrorists and associate that is there and it's not the same tool that we would have under either the legislation. >> mr. cole i understand your agency's desire for clear statutory authority and the chair of the committee as has been constructed in urging some
12:32 pm
changes to the house proposal that the reality is that current law gives the government broad authority right now, right now to obtain records quickly and the fisa court unquestionably has been inclined to give the government an enormous amount of latitude. so the fact that this dragnet surveillance is taking place right now is unacceptable to me and i'm going to continue to keep working on this and i will have more to say about it down the road. thank you madam chair. >> thank you very much senator. senator mikulski. >> senator feinstein i'm going to echo the comments of other senators to thank you and senator chambliss for holding a public hearing for this most important topic. i also want to align myself with remarks of senators chambliss and coats and particularly
12:33 pm
senator chambliss' line of questioning. everyone in this room and all the senators note i represent the national security agency. over 15,000 people get up every day and wonder how to protect america so now that we have seen the revelations of snowden and we are not here to debate whether he was a traitor lower but i'm deeply disturbed that while i support they need to review the 215 project to ask to examine reforms i do not need to see the continual humanization of the national security agency whether it's in the media or in other forms. every day, every day the people who work at the national security agency protect our warfighters, stop cyberattacks and do a whole host of other things to keep americans safe. eric snowden has his time and he
12:34 pm
gets an hour of tv. he gets a raw from brian williams but i think we have to say to the national security staff that while we look at the constitutionality of other issues here that we do not demonize fat. i have always maintained in our programs must be constitutional, legal, authorized and necessary. now mr. ledgett and mr. giuliano do you believe that you doing your work using the 215 program to you believe we are constitutional legal authorized him to do deem it the necessary? >> senator mikulski first thanks for the message of support to the great men and women of nsa. yes in answer to your question i do believe it was constitutionally authorized and done within the legal and procedural constraints into which we operate and i believe every investigation has shown that to be the case.
12:35 pm
>> mr. giuliani? >> senator i concur. i do concur with mr. ledgett's comments and do believe as was noted earlier the oversight of that program is expensive. >> now i want to go, we are not going to discuss today the constitutionality. i have urged the administration to form any expedited procedure to find out was the 215 program constitutional. if it's not and it right away. if it's unconstitutional, no. i presumed the usa act is constitutional but i'm going to go to questions of necessity. and i'm going to go again to nsa and the fbi. do you believe that what we did under 215 was necessary? >> have now reviewed this usa freedom max. do you believe that based on what you deems necessary to protect the people of the united
12:36 pm
states of america that this will enable you to do your job and that you will have the tools to continue to do what you think is necessary to protect the people? >> yes, senator i do. i believe that it helps to mitigate the gap that the section 215 legislation had been enacted to fill which is the external terrorists with the u.s. nexus, protecting that in avoiding a repeat of the 9/11 sort of attack where he had folks outside of united states who were talking to people inside the united states that we couldn't identify them. the program was designed to address that and the h.r. 3361 we believe does as well and it allows us to do that job and the way we need to to protect the american public. >> senator i concur it does
12:37 pm
allow us that the fbi to continued the traditional use of our authorities is provided by the congress and i think it starts -- strikes the right balance. >> in my 29 seconds left there is a great deal of pressure about who should hold the data. now why we think the telephone company will be a better and safer place i'm not sure. and maybe it's not you too. maybe it's mr. cole so let's say it becomes a telephone company that's going to hold this data. who then becomes the oversight and predatory body? is all this come under the regulatory authority of the fcc? >> to an extent. >> so in other words we can say goodbye to all these things and just say we will count on the fcc to keep an eye out mass? >> i think you have to break it up into different pieces
12:38 pm
senator. the telephone companies already hold the data so we are not doing anything new here and they already are under the control of the fcc as to the data they hold and how they deal with it and things of that nature but what is going to remain subject to oversight from congress, from the executive branch and the judiciary is how we use the various tools that are in h.r. 33612 query that data, to acquire some of that data, to use some of that data. the restrictions on how much can be looked at, what it can be used for, what it can be disseminated for how long you can keep it. those are the kinds of things and what the standards are for exley getting it. those are the kind of important questions that will remain subject to a lot of oversight by the executive branch, the justice department, the dni, the fbi, the nsi and there's a specific provision by the courts and by congress because they're
12:39 pm
still going to be robust reporting to congress on what is done. >> thank you. >> thanks very much senator mikulski. senator rockefeller. >> thank you madam chair. it seems to me that we are doing something unnecessary in unpredictable here which might make the public feel better but which would be not good for national security which is what our job is. it seems to me that we are taking the program that the president is determined to be legal and important as a counterterrorism tool, a program that has audits, inspections, judicial checks congressional oversight and other privacy and protection mechanisms built-in. a program that is currently in a highly secure location operated
12:40 pm
by highly trained professionals who have taken an oath to defend the constitution and who have lived up to that oath and we are shutting it down to move the storage of the querying of that data for intelligence purposes for heavens sakes to a private-sector system but does not yet exist. what is the sense of that? mr. ledgett, i could ask you and will ask you to describe the various queries checks on its oath internal and external that are currently in place at the nsa to protect american privacy as it relates to querying of 215 data but let me ask you three things on top of that. can you describe the privacy oriented training that analysts have to undergo 4215 databases?
12:41 pm
are the training internal rules and external audits which are designed to protect privacy taken seriously at the nsa? the answer to that is yes. if this is the case explained to me why we should be moving the querying process to a new and untested system that is a free enterprise system which does at a snow matter how they testified bound what we do in this. we went through that and fisa. when we had to do immunity. they didn't want to do it. it's not their training, it's not their practice. it's not the nature of their workforce. it's a high intensity concentration all route of 22 people making serious decisions about what gets to be queried etc.. it's a private-sector operation. it's huge and not everybody is.
12:42 pm
there are a lot of small telephone companies that have to go through the same thing. i don't like it makes any sense. so how do you compare the security possibility of a system which does not yet exist which at the core i promise you is not welcomed by those who have been asked to do it? to replace a system which is working well which the public naturally is suspicious about because they are suspicious about a 90% -- 9% favorable rating? the public is never going to trust us but if we are doing something for national security which is trustworthy i trustworthy people who are trained and they devote their lives to this as part of the culture as we said in a particular place why cash it out?
12:43 pm
spain senator rockefeller thanks for the question. the current system involves a host of safeguards, technical safeguards, policy procedural safeguards, training safeguards and the number you mention the 22 people who are authorized to access that database. that's an example of the restricted completely audited and with software in place that prevents them from making an erroneous query against a number that has not been authorized by the court. and our record in that arena is outstanding in regards to protecting the privacy. and i think those were necessary for two reasons. one because it's the government with the data as opposed to someone who is not the government so the powers of electronic surveillance and the need to very closely circumscribed those.
12:44 pm
the second one, the second reason is because the data is aggregated to all the data was in one place. under the new program that data is not aggregated and it's not held by the governments of the telephone companies are holding the data that they are ready possess today. there's no additional data they are holding except queries from us that have specific numbers of interest and we will work with the companies to put rejections in place so that our interest in a particular number doesn't leak out and provide warning to the terrorists or potential terrorist in interest. the companies are to have this data and so the implications are different in this regard. >> it's a very large order for a very untested series of companies. the struggle to get people trained to have them locked in on their duty as they go to work every single day especially
12:45 pm
those 22 but nsa in general where nobody has complained about the privacy violations. everybody is worried about what might happen. everybody is always worried about what might happen but it hasn't happened. now it all comes to an end at the end of next year or this year whatever it is that we will have to look at it again. but to change it to profit-making and i'm chairman of the commerce committee and i've dealt with telecommunications a long time. they say many things and they don't do many things. when we started the e-rate program which was really controversial they all wrote me letters swearing that they would not litigate and every single case they all took it to litigated it and it ended up in the supreme court and they all lost. but the point is they didn't want to do it. they don't even want to do this. i would just assume not given the chance. i'm sorry for taking so long. >> no problem.
12:46 pm
thank you senator rockefeller. senator collins. >> thank you madam chairwoman. mr. ledgett like many of my colleagues i want to see our intelligence collection laws strengthened to provide more transparency, improve privacy and also to increase oversight. at the same time as many of us have expressed, we need to ensure that we still have the tools that are necessary to help protect our nation from terrorist attacks. i want to follow up on some of the questions that have been raised by senator rockefeller and senator mikulski. under the usa freedom act the would retain the phone records rather than nsa. that's a major major change.
12:47 pm
now i believe it was mr. cole who pointed out yes but they are our ready saving these data but they are doing so for a completely different purpose than what we are contemplating in this bill. essentially they are doing so for billing purposes for the most part. some experts have warned us that data held in the private sector are at much greater risk of being briefed by hackers, being deliberately used for purposes other than that for which they were collected or being misused by personnel than if the data were continued to be held by a federal entity. you have only to look at what has happened in the past year where semantic, the security firm, called 2013 the year of
12:48 pm
the mega-breach when we had i think it was 40 million americans had their personal information compromised in the target case. there was a very compelling report put out by our colleague senator rockefeller as the chairman of the commerce committee that found that private companies already collect, mind and sell as many as 75,000 individual data points on each consumer. there was a recent report by the ftc that found that companies group virtually every american i raise ,-com,-com ma by hobbies, by medical conditions, things that we would all think were private and there was a story a couple of years ago by "the new york times" that described how the father of a teenager learned that she was pregnant because he kept seeing all these flyers for cribs and baby clothes coming to her in the mail.
12:49 pm
in contrast to all of those searches by the nsa database are limited to a very few highly trained personnel. every single search is limited audited and blogs. there are technical safeguards. you can't just take a number that you are curious about and do a search. that won't work and compliance issues have to be reported to the fisa court and to congress. so my question for you is how are we going to ensure that these same kinds of robust protections indeed even greater protections that many of us want to see are in place if we are going to have the data scattered across all of these telecom companies?
12:50 pm
i just don't see how you are going to ensure the privacy of that data and isn't it inevitablinevitabl e that many more people will have access to the data then do under the current system? >> thank you senator collins. the data is and has been in the possession of the telephone companies since they started keeping billing records and i don't know how many decades ago that was. what we did at under nsa under the 215 program was get a periodic feed of that data which we entered in and help in the database so all those protections you describe were on the copy of the data that nsa held in its database of the actual billing records existed before and will continue to exist regardless of the future of the 215 program or the passage of h.r. 3361 and all those vulnerabilities to hacking
12:51 pm
and that sort of thing are things that the telephone companies deal with everyday. so the difference is that there will not be that government held aggregated group of telephone numbers that we apply all those protections to. so we make that database go away and instead rely on the billing records that the telephone companies have held for decades and continue to hold for their own purposes and query against those. >> but don't you think that there is a big difference between the telephone companies holding this data for billing purposes versus holding it knowing that the government may come to them with specific selectors which is going to make them curious about why the information is being requested. you are going to have to go across a large number of companies to find the
12:52 pm
information. that seems to be inevitably involve more people. that is very different from the kind of data done that you were receiving and i just want to make sure as we are trying to increase privacy, strengthen the safeguards that we don't end up doing the opposite by having having these data held by the private sector. i know they are out there now but they are held for an entirely different reason and now we are going to be asking those their employees to do the queries that are now done by an extremely limited classified number so i can't say it but an extremely limited number of federal employees.
12:53 pm
>> i understand, mayhem and we will work with the telephone companies to ensure that our queries are done in a secure fashion in a secure fashion that the government runs to be sure they are protected in the right way. >> senator also if i may in the traditional law enforcement sphere we are regularly going to phone companies with grand jury subpoenas and things of that nature to acquire some of their billing records, to acquire some of these very same kinds of information. we go to them for registers that are on the law enforcement side. we work with the phone companies to do wiretaps on the law enforcement side so there is a fairly long history of working with the phone companies and using their data and their facilities from a law enforcement perspective that has given us some confidence that this will work in that regard. >> thank you. >> thank you very much senator collins.
12:54 pm
senator heinrich. >> thank you madam chair. i have a question in light of the recent public revelation that senator wyden referenced that the nsa has been using a loophole in the fisa amendments act to search for americans private communications without a warrant. what some people have dubbed the backdoor search loophole. now i think it's fairly clear that the intent of section 702 was to target foreign communications. but the government clearly based on that later believes it has the authority to deliberately search for the phonecalls or e-mails of specific americans and to circumvent the traditional one -- warrant detections guaranteed by the fourth amendment. i would ask mr. ledgett and mr. cole do you believe the government should be allowed to conduct searches of information on u.s. citizens collected under section 702 without having to
12:55 pm
seek a warrant for that information? >> senator the way it has been viewed and the courts have interpreted is the first issue is whether you are legally authorized to collect the information in the first place. this is what section 702 allows us to do. we target only non-u.s. persons and only people believed to be outside of the united states and those are the strict limits. obviously there will be communications that will involve americans that are incidental. they are not the ones that are targeted that we are allowed to collect that information. >> so you end up collecting incidental information of americans in your saying that the authorization under section section 702 to collect that information trumps protecting americans typically afforded under the fourth amendment? >> no, it's a several step process. you first are allowed to collect the information. it's just like a traditional
12:56 pm
criminal law wiretap. you have the person and the phone number that you have wiretapped but you collect calls that they make to other people who may not be the target of your investigation but you will collect those calls as well because they involve the person whose phone you are wiretapping. so it's the same thing with 702. if you are legally permitted to collect that information then you've got it and then the question is whether or not we can access that information, use the information that we legally possess. and this is what is different from the warrant requirement because the warrant is going to search for the americans, the u.s. persons records which we are not doing. we get those incidentally but we have them legally under 702 and then the question is whether or not it's been appropriate to look through those records because they are are ready legally ours. we haven't made a violation. we haven't gone out to seek them
12:57 pm
illegally in any way shape or form. they are legally within our possession and control. to further legitimate further investigations and legitimate counterterrorism investigations and things of that nature and certainly we have restrictions that we try to place internally on those. we try to make sure that they are used responsibly. we tried to make sure that they are only used for specific or purses but we already legally possess them and it's just a question of not ignoring what we legally possess. >> mr. cole i think you have made the governments position very clear and i appreciate that i think it's something we should publicly look at given the fact that we have this opportunity for reform right now. i want to get to my final question because we are we are running short on time already read but i want to go back to this issue that was raised early on in the questions around how h.r. 3361 defines a specific selection term and in looking
12:58 pm
back at the old draft from the house gets said a term used to uniquely describe a person, entity or account end quote. it was a pretty tight definition. the new version says specific selection term into discrete term such as and then there is sort of a laundry list of items in their. i have a little bit of trepidation anytime i see such as because then it's up to the person reading to decide whether the next thing they imagine is part of that such as or is not part of that such as lists. under your interpretation of this definition passed by the house, what are some records that would be excluded from collection under a specific selection term? >> well i think any old collection what is currently being authorized by the court of the collection of all telephony records and internet metadata
12:59 pm
records indiscriminately, that would be prohibited and it would be clearly prohibited. certainly if he went to collect all the telephone records within a certain zip code indiscriminately that would be prohibited because the point of this is to limit and to focus to prohibit indiscriminate collection and only authorize focused and intentional collections for a specific purpose. the reason for such as is it me or is that very difficult to predict on airing way what you may come across that human might ease -- that will for example involve a larger number of records than just one specific telephone call to one specific person at one specific time. some of the examples i gave my opening statement, you have somebody you know is going to build an improvised explosive device using ball bearings and fertilizer.
1:00 pm
you may want to go to the stores in that area that sell ball bearings and fertilizer. it's broader than just a single specific item but it's much less than every store in america regardless of who sorts through it. if you know a terrorist suspect stayed in a particular hotel for a couple of nights but you don't know who it was you might get that hotels records for those companies to see who all the residents were or who while the guests were at the hotel to be able to then cross-reference that with other information to identify who that terrorist was. .. o an investigation that is effective and, we need to have enough restrictions so we are not indiscriminately collecting records in bulk. if there are better ways to define it, and it is a tough one to define, but if there are
1:01 pm
better ways to define it come a we are interested in working on that. we think this doesn't. >> i appreciate your willingness to work on this. the chair brought up the issue early into the discussion. i would end this by saying, i weekend to get it right when we do a good job of defining the tes very specifilly. and defining the terms of very specifically i don't get a lot of trust to the legislative intent and history being the thing that describes that ends up holding the day in court years from now. i think the work and the law holds a lot more sway at the end of the day in the courtroom. thank you. >> senator warner, thank you for your patience. >> i have a couple of quick questions and i appreciate so many of my colleagues that have dug into this very deeply in
1:02 pm
trying to prod through these critically important privacy protections and the essential need of the national security and with senator mikulski said. i want to follow-up on what folt senator rockefeller and senator collins to at least make it clear, and further we understand but i think we may be doing with this house bill it was reported when we think about 215 the previous program. the metadata with those entities and those companies that enter into a relationship coming and i believe there was a february wall street journal. the large entities and the
1:03 pm
companies were involved. the telephone calls and wireless calls were actually a relatively small percentage. is that an accurate description of how the press presented the program previously? >> yes that is how the press represented it. >> if that was an accurate representation, what in the universe of calls that are now potentially exposed to these kind of inquiries be dramatically larger since any regardless of whether they had a relationship or not in any type of call whether it is wired or wireless the subject to the inquiries that could be now made through this new process.
1:04 pm
>> for the further protecting privacy, i think on a factual basis of a number of calls to potentially scrutinize the universe would be exponentially larger than what the prayer system was. is that an accurate statement? >> no sir because the only calls the government will see are those that are directly responsive to the predicate information that we have. >> in terms of the actual inquiry. when prior to the calls that were on the out of the 215 database that was held at the nsa, which has the press reports said it did not include in many cases the fastest growing number of new calls, wireless calls.
1:05 pm
they may be the same because the protections are still the same the actual universe of the calls that could be against is dramatically larger than what they have right now. one of the things they did not include was the location information. and when the cell phone call originates. what kind of privacy protections do we have to ensure that the location data will not be married on a going forward basis
1:06 pm
and since they hold today that they hold not only the billing information but the location data as well. right now in the law enforcement context of a good basis for it to get the location information. when they take some of these life being taken hostage taking some information quickly. it will be collected to each individual circumstances that warranted by showing the court this is information that is relevant the location data was not. it could be inquiries within the
1:07 pm
nsa protection. then we ask them for individual location information that we thought was warranted. >> but that would require an additional step. i'm talking not so much on the law enforcement side but on the ic side. >> and that is what will happen. >> we can take a look at whether it is appropriate under the facts and circumstances to provide location information as well as the call data records and about whether or not only the call data records are.
1:08 pm
understandably a great deal of public concern about the government holding the data is a member of a south wind there lies a number of concerns in the privacy advocates should also be concerned about in terms of both the scope of the amount of data and potentially even greater access if we are able to go at this and reemphasize what my colleaguewith mycolleagues haves that there will be in additional higher level of security standards and a higher level of training and higher level of commitment from these individuals who are going to have access to the data. i don't think they will ever get the standards that the folks of the nsa, that this is an issue that needs to be -- >> thank you madam chair. >> we have completed this panel.
1:09 pm
however, senator warner -- senator wyden has asked to add one more question briefly and then we will move on. >> i will submit other questions for the record that i want to ask your agency question for direct relevance to a matter that has taken a lot of our time. for each of you just go right down the road. would it be appropriate to search the files without seeking an external authorization or approval? >> with go down the road. >> if i understand your question by definition we are asked to conduct this properly authorized in some fashion. >> the only thing i would limit is that because my agency involves the attorney general not every approval would have to
1:10 pm
be external, that you would have to have the appropriate legal approval in every instance. >> so we would have to have the appropriate -- >> thank you adam chair. >> if i may, let me thank the audience for their attention. this is a controversial subject, and i know people feel strongly. it is very much appreciated. i would also like to thank the capitol police for their attention to this. i will introduce the next panel. i would like to welcome -- let me thank the witnesses. thank you very much. do we have someone to change their name tags?
1:11 pm
>> i would like to introduce the panel, and i will introduce everyone and then begin from my left and you're right and go right down the line. the first person to be introduced is hardly the senior counsel at the center for democracy and technology coming and he's the deputy director of the freedom security and surveillance project at the center for democracy and technology. mr. geiger has written on the data surveillance in general.
1:12 pm
second is dean garfield, ceo of the information technology industry council known as iti. iti is an advocacy and policy organization that red presents a number of technical companies including google, facebook, yahoo!, microsoft and many others. mr. garfield has previously appeared before the house judiciary committee to discuss reforms. and the final but this is michael woods the vice president and assistant counsel for verizon. mr. woods leads the national security agency and public safety policy team. before joining verizon, he was the chief of the national security unit at the fbi. relating to section 215 of the united states patriot act.
1:13 pm
and finally we have stewart baker in the washington office. he served as the assistant secretary for policy at the department of homeland security. from 92 to 94 mr. baker served as the general counsel for the national security agency for the telecom and national security law. once again i will point out the 5:00 o'clock -- five-minute clock and if you can adhere to that i would appreciate it. >> thank you all of the members of the committee for holding this open hearing on this very important issue of the surveillance reform. on the outset i wish to say that i appreciate the dedication of
1:14 pm
the members of the intelligence community and of this committee to protecting both national security and civil liberties. although i'm here as an advocate for the civil liberties i recognize that the intelligence and law-enforcement communities for those that wish to cause us great harm and i also recognized in the terrorist attack is the worst thing that could happen to civil liberties. at the same time in the decades following the 9/11 terrorist attacks the pendulum has swung too far in the favor of broad surveillance. it's time now for a correction. the answer to the threats that the country faces cannot be the surveillance of individuals with no connections to a crime of terrorism. congress has an opportunity now to establish meaningful privacy protections in the surveillance authorities without significantly weakening security. whatever reform the congress settles on is unlikely to be revisited for many years, for the congress should just consider the surveillance
1:15 pm
programs, technologies, governments and threats of today, but those of tomorrow as well. the freedom act is the legislation that has made the most headway in this regard and although the bill does not address many of the serious issues that are raised by overbroad surveillance, the freedom act does seek to prohibit the collections under section 215 of the patriot act, the statute and the national security authorities. however, there is serious and widespread doubt as to whether the bill as it is passed by the house actually accomplishes this goal. the senators, let us not use the phrase bulk collection has coded jargon for existing programs or nationwide surveillance dragnet. rather, the collection is any normal person would understand it means the large-scale collection of information about individuals with no connection to a crying or investigation. in that respect, the bill does
1:16 pm
not en end at the collection. and this is not just the opinion of the privacy advocates but also more than half of the cosponsors of the usa freedom act and many of america's biggest companies as was noted earlier issued a letter stating that the bill may not "-end-double-quote action. the linchpin of the house prohibition on the bulk collection is a requirement that the government used a specific selection term in the demand for the data area however, the definition of the specific selection term is politically ambiguous and open ended. and the exploitation of the statutory language is what led to the collection in the first place. there is nothing in the bill that would prohibit, for example, the use of verizon or gmail or the state of georgia as a specific selection term. it's not indiscriminate. now i can be believed that this government, this current government is sufficiently stunned by the scandal to avoid such an aggressive interpretation of the statute. but the memory of this debate
1:17 pm
will fade and we will be left with language that is open to create an interpretation. while the definition should be clarified. in my time remaining i would like to propose a safeguard and pass forward. rather than find a definition for the specific selection term that satisfies all interest. in particular existing minimization procedures. specifically the freedom act should require at the front end for the government use the least intrusive means possible to obtain the information coming in to bend the bill should prohibit the retention and the dissemination of information of the individuals who do not meet specific criteria outlined in the statute. for example, individuals who
1:18 pm
based on the reason of articulable suspicion or the foreign powers, agents of the foreign powers or contact with agents of foreign power in compliance should be subject to oversight and revisited periodically of the procedures changed significantly. this is not a complete solution but rather i'm proposing a partial solution to be layered on top of the other partial solutions that are already in the bill. directed properly this could provide privacy and flexibility. thank you and i look forward to your questions. >> thank you very much mr. geiger. mr. garfield? >> thank you mrs. feinstein and mr. campbell is. on behalf of the dynamic companies in the world we thank you for this opportunity to appear before the panel today. it is our firm view that we have a timely opportunity to advance the surveillance reform in a fashion that both reflects who we are as a nation and advanced our economic and geopolitical interest. it is our hope and we strongly
1:19 pm
urge the senate to seize that opportunity. and i hereby reaffirm our commitment to doing whatever we can to be helpful in achieving that goal. and i get to act expeditiously and second, the steps that are necessary to be taken to ensure that we have a strong bill that has broad support. i'm proud to represent a group of companies that are the global leaders in innovation. as such, they compete all over the world and see firsthand the wide ranging impact of the nsa disclosures. they are able to see firsthand the economic impact. it would be in the tens of billions of dollars. they experience first-hand the growing persistent protectionist
1:20 pm
policies that aim to limit the ability to compete globally whether it is the forced localization requirements in brazil or the attempts to limit cross-border data flows into these are the first step to creating an intranet that is increasingly balkanized and is no longer the open interoperable internet that we have all grown to appreciate it. and the lack of the growing distrust of whether the united states was willing to adhere to the goal norms as it relates to surveillance. it is for all of these reasons we think it's important to act to regain the trust him to do it expeditiously. there's a growing consensus as to the path forward and we released the global surveillance principles in january that is quite forward leaning at the time that we released them.
1:21 pm
today there've been largely embraced as being the way that we should move forward. indeed the freedom act incorporates many of these principles. however, in two respects, the usa freedom act needs to be improved. two sections that need to be addressed. first is one of mr. geiger addressed which is the bulk collection. usa freedom act -- first to add the bold collection. the language that came is at the heart of achieving that that came out of the house and the intelligence as well as the house judiciary committees and we think achieved that goal. however, the language was changed in the final bill that made a play out of the house and it was no longer clear that that language would achieve the goal of sending the bulk collection. >> can you tell us exactly which language you are speaking out in the bill? do you have a section? >> is the specific section that we have been talking about.
1:22 pm
and i will conclude that by making the point that there is the opportunity to change the definition made its way through the house that addresses the concerns. the second area is transparency. >> we would welcome any suggestion that you might make in writing on the amendment to the specific selection and the same goes for mr. geiger or anybody else. most hopeful is when you say things and if you want to submit something to us in legal or not legal language we would appreciate it. >> as you know there's a fair amount of conversation happening both within the room and outside of the room with an aim of coming up with language that is acceptable to the intelligence community.
1:23 pm
and there is good progress as far as i can tell that is being made in being able to do that. the last issue is transparency. transparency is the key part of rebuilding the trust both domestically and international internationally. it's reached by the most impacted companies that happened to be our members. there are still additional steps however with regard to the band that can be taken on the privacy interest in the aim of the rebuilding trust without compromising the national security and i think it's important that we take those steps. let me conclude by simply saying that i deeply respect the work that is being done by the intelligence community. and offer our testimony and my testimony with a great deal of humility. recognize there is a lot that we don't know. but as the sector in the role that we play globally, it is
1:24 pm
important for us to play a leadership role in finding the path forward and we embrace of doing that and look forward to working with the committee to achieve that. >> thank you very much. mr. woods? >> good afternoon chairman feinstein and vice chairman chambliss and members of the committee. i'm pleased to testify before the committee on the topics of the intelligence surveillance act reform this afternoon. my name is michael woods and i'm the vice president and associate general counsel for the verizon to medications. the chairman already know that i'm responsible for the national security public safety portfolio in our office, and the chairman also noted my prior government service. verizon is very pleased to participate in these discussions on the foreign intelligence surveillance act. the revelations this past summer about the telephony metadata heavy road of public confidencee in the legal structures that are next to see technologies there are specific concerns at the impact of the surveillance activities on the privacy and civil liberties of the america
1:25 pm
americans. for verizon to customer privacy's top priority. we should be backed up with oversight and beauty of the rules should include as much procedural transparency as possible consistent with legitimate national security requirements. we support the act because we see it as a achieving these objectives. we are pleased the house passed the bil bill it eliminates the d data collection and codifies the transparency rules for the thatn has already implemented in its public reporting and firmly rejects the idea that verizon or any other communication providers be compelled to retain and collect the data beyond that that is needed for business purposes. we believe the collection and analysis of the data or intelligence purposes is an inherently governmental function
1:26 pm
compelling us or any other private entity to perform this function on behalf of the government is utterly inconsistent with the protection of the customer's privacy. if verizon has a legal obligation to provide customer data to an intelligence agency or a law enforcement organization, it should be omitted to that data at which the rising generates the ordinary course of business. and the production of the data should be compelled in an arms length transaction over seen by the court. we appreciate the careful balance the congress must achieve here. we are confident this is something that you must accomplish and we stand ready to assist the committee in any way that we can. in fact we very much appreciate the open channel of communications that the committee has had with parties interested in this legislation coming and we appreciate the bipartisan way in which the committee has operated. thank you for the opportunity to
1:27 pm
testify today. i would be happy to answer any questions the committee they have. >> thank you mr. woods. mr. baker. >> thank you ms. feinstein, mr. chambers and senator collins who was my authorizing chairman when i was last in the government is a pleasure to be here. i would like to make two points. first i do not believe we should "-end-double-quotes in program. it will put u us * and as senatr came strongly suggested slow our response to serious terrorist incidents and it is in the dark with respect to the data as senator collins and senator rockefeller made it clear and as senator mikulski as well we do not know how long that the data will be stored or how it will be protected. the privacy or the security of the searches that are being conducted. it's a very serious risk that we are taking for the payoff that in my view is minimum. but what i would like to talk
1:28 pm
about in the main part of my presentation is the second step, the kind of piling up staff of the house undertook to fix. not only are we going to end the collection that we are going to require that you show that you have line of a list of five identifiers that you're asking for and if it isn't on that list or doesn't look a lot like something on that list, you cannot ask for it for terrorism purposes. the list is the person entity account. let me just talk a little bit about some actual searches that we wanted to take and did undertake in the real-life terrorist incidences. the case which was the subject of the cross-country chase was investigated in part because someone reported that it was a guideline of large amounts of household chemicals in the beauty supply shops with a kind
1:29 pm
of shaky story and so it was perfectly appropriate for the fbi to say we want to go to all of the household of beauty shops and ask them. they would say that is an improper search. but where is the magic selector? i don't see a magic selector that says household product searches. you're not searching for a person or entity or an address. you can't do it according to this. a washington sniper attack there was again a terrorist attack coming and we wanted to ask as we surely should the phone companies, do you have any indication that somebody whose phone was active at every one of those sites at the time it occurred? of course we should ask that question. and yet, that is not a person, that's not an entity.
1:30 pm
it is an address and if you think that as anybody that is in touch in a particular cell phone tower but at that point you are starting to stretch the concept of address and precisely in the way that senator wyden has argued against. the problem we face is the list is too short if we cannot imagine the clues we need to follow-up in order to catch the terrorists and writing the list even with words such as in front of it does not accomplish the goal that i think was intended to reduce the indiscriminate searches and at the same time it's going to prove to be a straitjacket notwithstanding what the deputy attorney general said i would like to see his justifications for each of the assurances that he gave us about how he was going to conduct the searches. i think it is going to require him to immediately become creative about the meaning of those words in a way that i think senator wyden would have
1:31 pm
not approved. but in a way that authorizes the searches that all of us would be leave should be carried out and so i would suggest the chairman suggested if i understood her correctly that instead of a list of magic words that even partly won't defend we shouldn' shouldo find a principle that says what we think is necessary to avoid bulk collection and if it is something along the lines of narrowing the search, avoiding unnecessary collection of innocent parties information but you don't know who is innocent until you look for certain kinds of information so you have to narrow the search in a modest but effective way. that's probably the way to get out of what i think would otherwise be a solution that is said by no one in three years. >> thank you very much it's going to questions and just off the top of my head lets take the
1:32 pm
case of mr. baker just mention mentioned. this is a man that is going around to wholesale beauty products companies and by eating certain amount of chemicals, large amounts of chemicals, and somebody calls the fbi and says this looks very suspicious. and so the fbi goes to find that he has been in contact with a known al qaeda member in pakistan. what problem do you have with that? >> let's see if i understand correctly. as a committee of the phone of an al qaeda member in pakistan and then they found out where they are trying to find the name of this suspicious individuals and they find out the two have been in contact with each other. i don't have a problem with that and i don't see why that would
1:33 pm
be prohibited. if they do have the call records of the individual in pakistan than they should have it on record that he was in contact with this other suspect. >> i don't know whether they did or did end on that specific point. but, it seems to me that that is exactly the kind of thing that we are looking to enable this kind of collection. >> certainly. if an individual is in direct contact with a foreign power were somebody that is suspected of being such an event is a reason to look at their record. what we are concerned with and i think everyone at the table now has expressed concerns with the ambiguity of the definition that it goes out inventing the collection that we are concerned with or at least i'm concerned with i should say is the collection of individuals who've not been in contact with the agent of the foreign power and the individuals who are not connected to the investigation. >> let me stop you because my understanding i forget whether it was 2012 in the 288 cases --
1:34 pm
2012 the database was only him. 288 times. out of the 288 times, 12 cases were sent to the fbi for a warrant. so it was very selective. this was not any more than that. >> and i trust the department of justice in the night he and the administration when they say the usa freedom act would provide them with this capability. what we are concerned with is that it provides them with this capable but he plus other unknown capabilities that underline the goal of prohibiting the collections. >> and what is that? you said it would enable them to do other things like what other things? >> like what i mentioned in my opening statement. the definition of the specific term is open-ended. it begs the question what counts
1:35 pm
as a specific collection term. it could be the state of maine. it could be it could be something that would sweep in a large number of individuals that are connected -- are not connected in the investigation. sometimes it would be unavoidable to gather information about people that are not connected. i think we can come up with scenarios like that and in that case, ivy league -- and this is why i mentioned it in my testimony and open statement, there should be requirements at the front end that the least intrusive means possible and do not maintain the information as they currently do and as they maintain the information of people who are not in contact with these suspects. >> you also mentioned strengthening the minimization. how would you strengthen the minimization? >> there are requirements already in the statute in section 215. there are none for the statute but the usa freedom act would put in privacy procedures.
1:36 pm
there are no procedures are placed in the statute for the national security letters and what i would propose doing is what i just described which is a requirement of the front and the government uses the least intrusive means possible and at the back end of the provision on the dissemination and retention of individuals who do not need a certain criteria. section 215 of the authorities i mentioned had the most detailed procedures and it merely requires the minimization of retention and dissemination or sorry minimization of the retention and the prohibition. it has nothing about acquisition. is it, i am proposing an upgrade to that at least in certain circumstances where the risk of the information gathered while obtaining and sweet and a large number of people. >> mr. baker, what do you think of that? >> first i would clarify the search that i had in mind which is that the fbi here is that somebody is buying all of these
1:37 pm
chemicals and decides to go to multiple stores and say has anybody been buying large quantities of the chemicals? the only searches for the chemicals. i don't see how you justify that. >> that is exactly the conflict. and this is a case. >> that is open to question whether or not the chemicals would work in this election turned or whether the name of the store would be the term. this is part of the problem. i know the specific selection term is something the agency's use in practice but there's not a lot of information about it. it hasn't been built in the statute before. >> if you knew that a known terrorist or someone that is a likely terrorist was coming into this country and the fbi wanted to get a hold of the manifest, would you limit that one plane or would you say they should have access to all of the manifests at any given time were some reasonable limit?
1:38 pm
>> law enforcement does get manifest, but i would encourage the government to use the least intrusive means possible and not to say the information of all of the people of the records they hold if they are no longer -- if they are not relevant or there is no reason to suspect they are connected to the investigation. >> the purpose would be to get a specific name. they are looking for someone. but it is limited. >> i was going to add that ultimately what you are hearing is the ultimate final language in the usa freedom act doesn't fully balance the equities that we are talking about, the equities that were raised about privacy or the equities mr. baker raised about protecting national security. and so i think that it's inserted effort needs to be made to improve the language so that both of those are better balanced. a concluding thing is that it's
1:39 pm
feasible to do that. >> thank you mr. vice chairman. >> i'm happy to yield to senator king that has to leave shortly. >> just a couple of questions. first, i think that i heard the answer to this but i wanted to be clear do you feel that usa patriot freedom act is superior to the current law, mr. geiger? >> idb that is an improvement yes. >> i believe it's an improvement as well but can be improved. mr. woods? >> i agree. >> mr. baker i didn't ask you because you said you don't agree. the second question, mr. woods, you heard my questions to the prior panel about the duration, and i think in your testimony you sort of said we will do this but not if we have to change anything. how would you feel about a provision that said 18 months or
1:40 pm
two years of retention? >> we would be very much opposed. our position is as now, we produce the records that we've retained for business purposes and we do not want to be compelled to retain the records beyond that. >> but i don't see how we can make the change if you're not willing to make a commitment. what if you change or policy and say we are only going to keep the records for two months? then we've lost all of the intelligence about you. >> as the technology develops, people and companies will transition from older to newer forms of technology. the kind of records that were generated by the old switched telephone system are not the same kind of records generated by the wireless system and has peoples telephone usage moves from one to the other can kind of records we have changed. change. they are probably going to change again. >> i understand that you understand my question you are recommending we go from the government holding the data to the company holding the data but
1:41 pm
as the company, you're not willing to commit to holding the data for a meaningful period of time in order to make it otherwise the protection of the national security becomes a loser. we can't have it both ways. you can't tell us to switch but say we are going to do as we choose. >> i don't think we are saying we are doing as we choose. we retain the records in the ordinary course of business. we are not an intelligence agency for the customers. so, you know, we will respond to the requests from the record that we have. we are opposed to being compelled to collect records for the reasons that are unconnected. >> nobody is asking you to collect the records it is just maintaining the records you already have. >> our general principle in the records is that we do not keep them longer than the business purpose because we have learned that the longer that we keep the
1:42 pm
records beyond we need them, the greater the risk of the privacy for customers to the best protection for the customer's privacy is not to retain the records beyond the period that they are needed. >> did the house examined the question when the legislation was passed? >> we never asked. we made the position clear. >> well, thank you very much. senator rockefeller? excuse me. mr. wyden is after mr. king. >> thank you for getting me in such deep trouble. [laughter] mr. woods is said in the statement for the record that we do not have which i regret it's
1:43 pm
very unusual that we don't have a statement for the record. but the bottom line is that, quote, national security is a fundamental government function that should not be outsourced. i happen to agree with that. verizon is in the business of providing communication and other service to the customers not acting as an intelligence agency, and that many companies in a little state like west virginia for example which are not called at&t or verizon or frontier but which have very small operations but nevertheless, they cover numbers of people. my farm in west virginia is such a place. they would of course all have to go into the business of becoming an -- nsa officials. as a come of this bill would end the nsa's role in storing and
1:44 pm
searching the data, transferring the responsibility for conducting the inquiry is from the agency to the telephone companies. i've not necessarily had a great experience as i indicated with the telephone companies, cramming the data broker in all kind of other things because i started investigations in the commerce committee. we never had one. i got myself subpoena power and was a joyous moment. but the experience was the telecommunication companies moving the target. you yourself used the sentence longer than the business region. it sounds to me like a diminished national security role that has expanded i'm
1:45 pm
really wondering is that right and particularly how does that relate to. i was the chair when we did a lot of that. they go with only one purpose in mind. nobody makes any money and the government at least most people don't make any money and the government.
1:46 pm
the free enterprise system is an entirely different kettle of fish. my family has done rather well. however in the intelligence business, i have a very different view. i don't know why you think you should be doing this but i really don't think you want to be. and you said that you shouldn't. >> in the statement with the response it should be retaining more data and performing the search analysis on behalf of the intelligence community. that isn't in the usa freedom act and we are very happy about that is the proposal that has been discussed as a part of the large reform discussions. we do not believe we should be doing that. what we are quite prepared to do and we have done for many years and all sorts of the communication companies do is respond to the targeted request by the law enforcement or by the inhabitants community. and what we see in the usa
1:47 pm
freedom act is not a shift of the national security role to verizon but rather a change in the kind of requests that we will get from the nsa. instead of requesting all of our detail records, we will get a request for a targeted list of call detail records which we will deliver much in the way that we deliver the records in response to the law-enforcement subpoena and other authorities. now -- can i ask you a question because my time is running out. what about all of these little companies that are not called verizon, at&t and frontier? there's lots of little companies. you do not get their billing. so they are going to have to set up systems that are comparable to what you're going to set up if you can set it up and i'm not sure that you can because of the comparison. what about them? they cannot afford to do this. so all of their customers and
1:48 pm
all of that billing information is just free and clear. spank well, senator, they actually are subject to other authorities. the fbi could go with other orders. many of them don't have the infrastructure. in some cases they have to do more of the work on the government side. i think that these requirements, the security requirements for fr example already exist. it's not just peculiar to the bold collection. other kind of orders require that we handled this inane environment that we get a look at security procedures mandated by the government if the attorney general and the national intelligence and i agree that it's a different burden for the giants took an indications company. >> that the unit that specializes in this those
1:49 pm
companies don't have the unit nationalizing that. >> i've had that experience. but it is i think -- while that is true. they are probably most after the reside largely in a small number of rather large providers which you can see reflected in the programs that exist up until n now. >> thanks, senator rockefeller. with respect to the economic implications over these overly broad nsa surveillance practices. the way that i come to this is the companies that are part of your organization into the technology sector is an advantage of america. this is an area that we
1:50 pm
consistently be lead we have the cutting-edge technology and a host of exciting development, cloud computing that is just one of them. these are all areas that we have a chance in a fragile economy to create good paying innovation oriented jobs, and my take is it's a foreign enemy was doing the damage to the american economy that some of these overly broad practices are doing our citizens would be up in arms. people would be up in arms literally from coast to coast. and you have highlighted page three of your testimony in the forrester study i believe were the foundation 35 billion-dollar law to the cloud computing industry is one part of the technology sector over three years. and you talk about the
1:51 pm
balkanization of the internet. i think it would be very helpful if you flush that out. i would assume that's what you're touching on is when the country companies like brazil and others are applying the various restrictions and opportunities for access to our digital goods and services it makes it harder to have that kind of seamless intranet that if you flush out that concept if he was of th globalization of te internet, because i think it's important for people to really understand the implications of the economic harm that is being done to the american brand. your companies have gone through great lengths to constantly innovate. by and large they like to be left alone by the government. >> that is an accurate statement. >> and i agreed it -- read about john chambers and others that are up in arms. so flush out the question of how the overly broad nsa practice
1:52 pm
have damaged companies. by the way i feel so strongly about this that i am investigating it, mr. chairman of the finance committee because i think that this has began for patients on the global competitiveness of some of our most important companies who will be following it up there as well. >> we appreciate that. the two contacts are actually related, so the internet as i mentioned in my testimony is built on open and interoperable platforms. they are also heavily reliant on trust and so what we see in and out of the international markets is a move towards creating barriers to that openness and interoperability that would lead to the new government structures where you have essentially the gardens that are separated from the broad global internet which is problematic and the benefit of the internet is that it's global and its interconnected.
1:53 pm
the loss of trust as well which i mentioned in my oral testimony is highly problematic because the reason that the companies have done so well globally is because we innovate but also there's a trust in what we are innovating in advancing. then it results in economic loss and those are not theoretical. they are real and have broad implications not just for our companies but the foundation of the internet has changed then all of the social good that he arrives from it is also impacted. >> thank you madam chair. >> thank you senator collins. it's good to see you again and i very much appreciate the fact that you gave us some real-life examples to contemplate as we
1:54 pm
attempt to get this right and that is what everybody on the committee wants to do. how long does verizon retain the call record data for business purposes click >> that's a complex question to answer because we have many different systems for retaining the data. i would take the opportunity to say that a number of witnesses and members have referred it to the requirement that we retain for 18 months three to >> that was going to be my next question on whether you think you are required to retain the data for 18 months. >> the answer is no. it requires us to maintain the building reichert for 18 months. and when that rule was enacted back in the 1980s, our billing records integrated a lot of the
1:55 pm
records. if you remember what the telephone bills used to look like there were pages and pages and they're used t there used ta difference between the locals. as the system has evolved, most of our customers about 70 or 80% of the customers in over 80% of the wireless customers are unlimited type of plans. so we know that call detail records are no longer a part of the billing records that we maintain. >> but we are moving more and more towards the flat fees monthly calling plans. so i am trying to figure out how this is going to work if you're not going to have kind of detailed phone numbers and if you are not keeping all of the data for at least 18 months.
1:56 pm
so it sounds like you are keeping less data venues used to when there were individual calls that you were charged for if you were a customer and that you're keeping them at varying lengths and do not accept that there is a requirement to keep all of that data for 18 months. and correct me where i'm wrong on that. >> for the first point, we are not generating fewer call records. the systems generated them even when the customers are on the unlimited plans the system switches in the gateway automatically generate the records. we use them fairly for the network management purposes for managing the traffic across the system. and as i say, we have many different systems. we are generally maintaining those 12 to 18 months for business purposes from a purely business purposes. we satisfied the requirement by
1:57 pm
retaining the actual copies of the billing paperwork. the fcc requirement is all about resulting the billing disputes with customers, so we literally keep copies of the bill. but the technical data are still being generated. >> after 12 months, you are purging the detailed records just maintaining the billing records that doesn't have the call detail in many cases, then aren't you losing -- within the government been losing access potentially to six months worth of the data that there seems to be a common assumption that there's going to be 18 months of data that's not in the bill and your telling me that you don't keep that kind of data across the board?
1:58 pm
>> that's correct. if a law-enforcement agency or the intelligence community came to us and asked for the call detail records from three years ago, for example, we might not be able to honor that request. but that's the position that all law-enforcement is in right now. double collection is for a longer perco of time only because the nsa is getting a continuous feed and is keeping it themselves even though we do not have the data figh five yeas back and it would just all collection would be from our ordinary business records. >> mr. baker, do you see that as a problem from your perspective and intelligence community members. whatever the practices are we don't thought the practices will
1:59 pm
be in the frontier or comcast were much smaller provider. so it is going to be a very bumpy ride. >> since the four of us to have a brief -- you didn't have to work -- it's? i'm sorry. in 2015 there are examples that i could give you a dozen more. do you know of any abuse of the use click >> if there was an abuse it is unlikely that the public is going to know about it because
2:00 pm
that abuse would be classified and shrouded his receipt. but certainly the overbroad use of the section 215 has resulted in a loss of trust in american companies and is translated to the real dollar loss in the lost jobs. moreover, the surveillance itself is an abuse of privacy rights and of people abroad and they have a history of abuse not just this government worldwide but when the surveillance coverage is broad. last, there is not a lot of evidence that the authorities are affected. we have had multiple independent boards including the civilian oversight board and the review group as well as members of the panel who have reviewed the classified evidence and have determined that less intrusive means could maintain the same end. so i would say that not only do i not have the information about the abus abuse that i in fact he information that the authority y

Key Capitol Hill Hearings
CSPAN June 6, 2014 12:00pm-2:01pm EDT

Speeches from policy makers and coverage from around the country.

TOPIC FREQUENCY Us 26, Fisa 19, Nsa 12, Fbi 10, Mr. Cole 10, Collins 8, America 7, Wyden 7, Mikulski 7, Mr. Ledgett 6, Mr. Baker 6, United States 6, Mr. Geiger 5, Verizon 5, Madam 4, Mr. Giuliano 4, Udall 4, Ms. O'sullivan 4, Chambliss 4, Metadata 3
Network CSPAN
Duration 02:01:00
Scanned in San Francisco, CA, USA
Source Comcast Cable
Tuner Channel v109
Video Codec mpeg2video
Audio Cocec ac3
Pixel width 704
Pixel height 480
Sponsor Internet Archive
Audio/Visual sound, color

disc Borrow a DVD of this show
info Stream Only
Uploaded by
TV Archive
on 6/6/2014